Here are some instructions on how to encrypt a file using GPG, the open source version of PGP. It’s assumed that somebody needs you to send them an encrypted file, they’ve given you their public key in a trustworthy manner, and they have the private key. It’s also assumed that you have GPG installed, but this shouldn’t be a problem because it’s usually installed by default on Linux.
First, you’ll need to create a default gpg key. To do this, you’ll need to have a directory in your home directory called “.gnupg”. If you don’t have permissions to add directories into your root (common on shared hosting plans), you’ll need an admin to create the folder (mkdir) and set the owner to your user (chown).
Once you have the folder (or if you already have permissions, it’ll create it for you), run this command and follow the instructions. If you’re not sure the answer, accept the defaults or the first option.
gpg –gen-key
They may have armored their public key, which from the help file means to “create ascii armored output”. I’m not really sure what that means, but it seems like it’s in a text friendly format. If armored, you need to dearmor it first:
gpg –dearmor some_public_key.asc
This will create a new file with the gpg extention. Next you’ll need to import the dearmored key.
gpg –import some_public_key.asc.gpg
Once imported, you’ll need to find out it’s name.
gpg –list-keys
If you want the ability to encrypt files in a script, it’s a good idea to sign the key. Otherwise, the encryption process prompts you with a question, and the only way I’ve found to bypass that question is to sign the key.
Assuming that the name of the key is “somepublic”, here is the command:
gpg –sign-key somepublic
Follow the prompts and as long as you trust that the public key is legit, tell it you trust it explicitly. To see that everything was signed correctly, run this command:
gpg –list-sigs
Now try encrypting something using the public key:
gpg -e -r somepublic testfile.txt
If everything worked correctly, you’ll now have a file called testfile.txt.gpg (and the non-encrypted version), and it should not have prompted you for anything during the process. The only way to decrypt this file is to have the private key, which is what the other person would have installed.